Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- user abc;
- worker_processes auto;
- pid /run/nginx.pid;
- include /etc/nginx/modules/*.conf;
- events {
- worker_connections 40960; #Open file limit per core. Run "ulimit -n" in terminal for YOUR correct number.
- }
- http {
- #GEO BLOCK
- include /config/nginx/geoblocksites.conf;
- #CACHE STATIC CONTENT
- #include /config/nginx/cache.conf;
- #CF Real IP
- include /config/nginx/cf_real-ip.conf;
- real_ip_header X-Forwarded-For;
- ##
- # Basic Settings
- ##
- # Real docker ip! [Allready set in CF Real IP]
- #real_ip_header X-Forwarded-For;
- #set_real_ip_from 172.18.0.0/16;
- #real_ip_recursive on;
- ## Tuning - Buffers & Timeouts
- ## Buffer size for POST submissions
- client_body_buffer_size 512K;
- client_max_body_size 0;
- # Buffer size for Headers
- client_header_buffer_size 1k;
- # Max time to receive client headers/body
- client_body_timeout 12;
- client_header_timeout 12;
- # Skip buffering for static files
- sendfile on;
- # Optimise sendfile packets
- tcp_nopush on;
- tcp_nodelay on;
- # Max time to keep a connection open for
- keepalive_timeout 20;
- types_hash_max_size 2048;
- # server_tokens off;
- # Max time for the client accept/receive a response
- send_timeout 10;
- server_names_hash_bucket_size 128;
- # server_name_in_redirect off;
- variables_hash_max_size 2048;
- variables_hash_bucket_size 64;
- proxy_headers_hash_max_size 1024;
- proxy_headers_hash_bucket_size 128;
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- ##
- # Logging Settings
- ##
- access_log /config/log/nginx/access.log;
- error_log /config/log/nginx/error.log;
- ##
- # Gzip Settings
- ##
- gzip on;
- gzip_disable "msie6";
- gzip_vary on;
- gzip_proxied any;
- gzip_comp_level 6;
- gzip_buffers 16 8k;
- gzip_http_version 1.1;
- gzip_min_length 256;
- gzip_types
- text/plain
- text/css
- text/xml
- text/javascript
- text/x-component
- application/json
- application/x-javascript
- application/xml
- application/xml+rss
- application/xhtml+xml
- application/javascript
- application/vnd.ms-fontobject
- application/x-font-truetype
- application/x-web-app-manifest+json
- application/x-font-ttf
- application/x-font-opentype
- font/opentype
- font/eot
- font/otf
- image/svg+xml
- image/vnd.microsoft.icon
- image/x-icon;
- ##
- # nginx-naxsi config
- ##
- # Uncomment it if you installed nginx-naxsi
- ##
- #include /etc/nginx/naxsi_core.rules;
- ##
- # nginx-passenger config
- ##
- # Uncomment it if you installed nginx-passenger
- ##
- #passenger_root /usr;
- #passenger_ruby /usr/bin/ruby;
- ##
- # Virtual Host Configs
- ##
- include /etc/nginx/conf.d/*.conf;
- include /config/nginx/site-confs/*;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
- ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
- ssl_prefer_server_ciphers on;
- ssl_session_cache shared:SSL:40m;
- ssl_stapling on; # Requires nginx >= 1.3.7
- ssl_stapling_verify on; # Requires nginx => 1.3.7
- #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload;";
- #add_header X-Frame-Options SAMEORIGIN;
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- add_header X-Robots-Tag none;
- }
- #mail {
- # # See sample authentication script at:
- # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
- #
- # # auth_http localhost/auth.php;
- # # pop3_capabilities "TOP" "USER";
- # # imap_capabilities "IMAP4rev1" "UIDPLUS";
- #
- # server {
- # listen localhost:110;
- # protocol pop3;
- # proxy on;
- # }
- #
- # server {
- # listen localhost:143;
- # protocol imap;
- # proxy on;
- # }
- #}
- daemon off;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
